// 这个脚本是用来推理给好友发送消息SendMsg点的位置，通过protobuf找到的点41322198，对调用栈中的函数进行打log
// 线程名是  IPC_CHANNEL_THREAD

IPC_CHANNEL_THREAD$ = 6A48
IPC_CHANNEL_THREAD1$ = 68E8
IPC_CHANNEL_THREAD2$ = 2E9C
IPC_CHANNEL_THREAD3$ = 515C

UI_THREAD$ = 17444

// 日志输出条件
// "((tid()==IPC_CHANNEL_THREAD$)||(tid()==IPC_CHANNEL_THREAD1$)||(tid()==IPC_CHANNEL_THREAD2$)||(tid()==IPC_CHANNEL_THREAD3$))"
// "(tid()==IPC_CHANNEL_THREAD$)"
// "tid()==6A48"



//
// 格式化时
//

// log "time={u:GetTickCount()}={d:GetTickCount()/.60000}_{d:(GetTickCount()%.60000)/.1000}_{d:GetTickCount()%.1000}ms"
// log "time={u:GetTickCount()}={d:GetTickCount()/.60000}:{d:(GetTickCount()%.60000)/.1000}:{d:GetTickCount()%.1000}ms"
// 这个是 时:分：秒：毫秒 的格式
// log "time={u:GetTickCount()}={d:GetTickCount()/.3600000}:{d:GetTickCount()%.3600000/.60000}:{d:(GetTickCount()%.60000)/.1000}:{d:GetTickCount()%.1000}ms"
// 这个是到分钟：秒：毫秒 的格式
// log "time={d:GetTickCount()/.60000}:{d:(GetTickCount()%.60000)/.1000}:{d:GetTickCount()%.1000}ms"



//
// My_WsaSendMsg_L1_3882382  函数
//

My_WsaSendMsg_L1_3882382_Start$ = mod.main()+3882382
bp My_WsaSendMsg_L1_3882382_Start$, "My_WsaSendMsg_L1_3882382_Start"
bpcnd My_WsaSendMsg_L1_3882382_Start$ , "0"
bplogcondition My_WsaSendMsg_L1_3882382_Start$, "1"
bplog My_WsaSendMsg_L1_3882382_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L1_3882382 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L1_3882382_Start$ , "My_WsaSendMsg_L1_3882382_Start"




My_WsaSendMsg_L1_3882382_End$ = mod.main()+388242E
bp My_WsaSendMsg_L1_3882382_End$, "My_WsaSendMsg_L1_3882382_End"
bpcnd My_WsaSendMsg_L1_3882382_End$ , "0"
bplogcondition My_WsaSendMsg_L1_3882382_End$, "1"
bplog My_WsaSendMsg_L1_3882382_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L1_3882382 End ...  "
labelset My_WsaSendMsg_L1_3882382_End$ , "My_WsaSendMsg_L1_3882382_End"





//
// My_WsaSendMsg_L2_4450D2E
//


My_WsaSendMsg_L2_4450D2E_Start$ = mod.main()+4450D2E
bp My_WsaSendMsg_L2_4450D2E_Start$, "My_WsaSendMsg_L2_4450D2E_Start"
bpcnd My_WsaSendMsg_L2_4450D2E_Start$ , "0"
bplogcondition My_WsaSendMsg_L2_4450D2E_Start$, "1"
bplog My_WsaSendMsg_L2_4450D2E_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L2_4450D2E Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L2_4450D2E_Start$, "My_WsaSendMsg_L2_4450D2E_Start"


WSASendPos_4450DCF$ = mod.main()+4450DCF
bp WSASendPos_4450DCF$, "WSASendPos_4450DCF"
bpcnd WSASendPos_4450DCF$ , "0"
bplogcondition WSASendPos_4450DCF$, "1"
bplog WSASendPos_4450DCF$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L2_4450D2E WSASendPos_4450DCF :{mem;ecx@eax}"
labelset WSASendPos_4450DCF$ , "WSASendPos_4450DCF"


My_WsaSendMsg_L2_4450D2E_End$ = mod.main()+4450E17
bp My_WsaSendMsg_L2_4450D2E_End$, "My_WsaSendMsg_L2_4450D2E_End"
bpcnd My_WsaSendMsg_L2_4450D2E_End$ , "0"
bplogcondition My_WsaSendMsg_L2_4450D2E_End$, "1"
bplog My_WsaSendMsg_L2_4450D2E_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L2_4450D2E End ...  "
labelset My_WsaSendMsg_L2_4450D2E_End$, "My_WsaSendMsg_L2_4450D2E_End"





//
// My_WsaSendMsg_L3_4451F05
//


My_WsaSendMsg_L3_4451F05_Start$ = mod.main()+4451F05
bp My_WsaSendMsg_L3_4451F05_Start$, "My_WsaSendMsg_L3_4451F05_Start"
bpcnd My_WsaSendMsg_L3_4451F05_Start$ , "0"
bplogcondition My_WsaSendMsg_L3_4451F05_Start$, "1"
bplog My_WsaSendMsg_L3_4451F05_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L3_4451F05 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L3_4451F05_Start$, "My_WsaSendMsg_L3_4451F05_Start"


My_WsaSendMsg_L3_4451F05_End$ = mod.main()+4451FC1
bp My_WsaSendMsg_L3_4451F05_End$, "My_WsaSendMsg_L3_4451F05_End"
bpcnd My_WsaSendMsg_L3_4451F05_End$ , "0"
bplogcondition My_WsaSendMsg_L3_4451F05_End$, "1"
bplog My_WsaSendMsg_L3_4451F05_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L3_4451F05 End ...  "
labelset My_WsaSendMsg_L3_4451F05_End$, "My_WsaSendMsg_L3_4451F05_End"





//
// My_WsaSendMsg_L4_4450ED0
//


My_WsaSendMsg_L4_4450ED0_Start$ = mod.main()+4450ED0
bp My_WsaSendMsg_L4_4450ED0_Start$, "My_WsaSendMsg_L4_4450ED0_Start"
bpcnd My_WsaSendMsg_L4_4450ED0_Start$ , "0"
bplogcondition My_WsaSendMsg_L4_4450ED0_Start$, "1"
bplog My_WsaSendMsg_L4_4450ED0_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L4_4450ED0 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L4_4450ED0_Start$, "My_WsaSendMsg_L4_4450ED0_Start"


My_WsaSendMsg_L4_4450ED0_End$ = mod.main()+4450F4D
bp My_WsaSendMsg_L4_4450ED0_End$, "My_WsaSendMsg_L4_4450ED0_End"
bpcnd My_WsaSendMsg_L4_4450ED0_End$ , "0"
bplogcondition My_WsaSendMsg_L4_4450ED0_End$, "1"
bplog My_WsaSendMsg_L4_4450ED0_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L4_4450ED0 End ...  "
labelset My_WsaSendMsg_L4_4450ED0_End$, "My_WsaSendMsg_L4_4450ED0_End"





//
// My_WsaSendMsg_L5_4454222
//


My_WsaSendMsg_L5_4454222_Start$ = mod.main()+4454222
bp My_WsaSendMsg_L5_4454222_Start$, "My_WsaSendMsg_L5_4454222_Start"
bpcnd My_WsaSendMsg_L5_4454222_Start$ , "0"
bplogcondition My_WsaSendMsg_L5_4454222_Start$, "1"
bplog My_WsaSendMsg_L5_4454222_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L5_4454222 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L5_4454222_Start$, "My_WsaSendMsg_L5_4454222_Start"


My_WsaSendMsg_L5_4454222_End$ = mod.main()+44542EE
bp My_WsaSendMsg_L5_4454222_End$, "My_WsaSendMsg_L5_4454222_End"
bpcnd My_WsaSendMsg_L5_4454222_End$ , "0"
bplogcondition My_WsaSendMsg_L5_4454222_End$, "1"
bplog My_WsaSendMsg_L5_4454222_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L5_4454222 End ...  "
labelset My_WsaSendMsg_L5_4454222_End$, "My_WsaSendMsg_L5_4454222_End"





//
// My_WsaSendMsg_L6_44540B0
//


My_WsaSendMsg_L6_44540B0_Start$ = mod.main()+44540B0
bp My_WsaSendMsg_L6_44540B0_Start$, "My_WsaSendMsg_L6_44540B0_Start"
bpcnd My_WsaSendMsg_L6_44540B0_Start$ , "0"
bplogcondition My_WsaSendMsg_L6_44540B0_Start$, "1"
bplog My_WsaSendMsg_L6_44540B0_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L6_44540B0 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L6_44540B0_Start$, "My_WsaSendMsg_L6_44540B0_Start"


My_WsaSendMsg_L6_44540B0_End$ = mod.main()+445421F
bp My_WsaSendMsg_L6_44540B0_End$, "My_WsaSendMsg_L6_44540B0_End"
bpcnd My_WsaSendMsg_L6_44540B0_End$ , "0"
bplogcondition My_WsaSendMsg_L6_44540B0_End$, "1"
bplog My_WsaSendMsg_L6_44540B0_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L6_44540B0 End ...  "
labelset My_WsaSendMsg_L6_44540B0_End$, "My_WsaSendMsg_L6_44540B0_End"





//
// My_WsaSendMsg_L7_1263C50
//


My_WsaSendMsg_L7_1263C50_Start$ = mod.main()+1263C50
bp My_WsaSendMsg_L7_1263C50_Start$, "My_WsaSendMsg_L7_1263C50_Start"
bpcnd My_WsaSendMsg_L7_1263C50_Start$ , "0"
bplogcondition My_WsaSendMsg_L7_1263C50_Start$, "1"
bplog My_WsaSendMsg_L7_1263C50_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L7_1263C50 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L7_1263C50_Start$, "My_WsaSendMsg_L7_1263C50_Start"


// 中间call edi
My_WsaSendMsg_L7_1263C50_mid$ = mod.main()+1263C71
bp My_WsaSendMsg_L7_1263C50_mid$, "My_WsaSendMsg_L7_1263C50_mid"
bpcnd My_WsaSendMsg_L7_1263C50_mid$ , "0"
bplogcondition My_WsaSendMsg_L7_1263C50_mid$, "1"
bplog My_WsaSendMsg_L7_1263C50_mid$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L7_1263C50 mid call edi_RVA={mod.rva(edi)} , targetAddr=My_WsaSendMsg_L6_44540B0 "



My_WsaSendMsg_L7_1263C50_End$ = mod.main()+1263C76
bp My_WsaSendMsg_L7_1263C50_End$, "My_WsaSendMsg_L7_1263C50_End"
bpcnd My_WsaSendMsg_L7_1263C50_End$ , "0"
bplogcondition My_WsaSendMsg_L7_1263C50_End$, "1"
bplog My_WsaSendMsg_L7_1263C50_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L7_1263C50 End ...  "
labelset My_WsaSendMsg_L7_1263C50_End$, "My_WsaSendMsg_L7_1263C50_End"





//
// My_WsaSendMsg_L8_44503A8
//


My_WsaSendMsg_L8_44503A8_Start$ = mod.main()+44503A8
bp My_WsaSendMsg_L8_44503A8_Start$, "My_WsaSendMsg_L8_44503A8_Start"
bpcnd My_WsaSendMsg_L8_44503A8_Start$ , "0"
bplogcondition My_WsaSendMsg_L8_44503A8_Start$, "1"
bplog My_WsaSendMsg_L8_44503A8_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L8_44503A8 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L8_44503A8_Start$, "My_WsaSendMsg_L8_44503A8_Start"


My_WsaSendMsg_L8_44503A8_End$ = mod.main()+445041D
bp My_WsaSendMsg_L8_44503A8_End$, "My_WsaSendMsg_L8_44503A8_End"
bpcnd My_WsaSendMsg_L8_44503A8_End$ , "0"
bplogcondition My_WsaSendMsg_L8_44503A8_End$, "1"
bplog My_WsaSendMsg_L8_44503A8_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L8_44503A8 End My_WsaSendMsg_L9_4455150 end My_Call_GetQrcode_L5_JMP_L8_289053 End ...  "
labelset My_WsaSendMsg_L8_44503A8_End$, "My_WsaSendMsg_L8_44503A8_End"





//
// My_WsaSendMsg_L9_4455150
//


My_WsaSendMsg_L9_4455150_Start$ = mod.main()+4455150
bp My_WsaSendMsg_L9_4455150_Start$, "My_WsaSendMsg_L9_4455150_Start"
bpcnd My_WsaSendMsg_L9_4455150_Start$ , "0"
bplogcondition My_WsaSendMsg_L9_4455150_Start$, "1"
bplog My_WsaSendMsg_L9_4455150_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L9_4455150 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_WsaSendMsg_L9_4455150_Start$, "My_WsaSendMsg_L9_4455150_Start"


My_WsaSendMsg_L9_4455150_mid$ = mod.main()+4455153
bp My_WsaSendMsg_L9_4455150_mid$, "My_WsaSendMsg_L9_4455150_mid"
bpcnd My_WsaSendMsg_L9_4455150_mid$ , "0"
bplogcondition My_WsaSendMsg_L9_4455150_mid$, "1"
bplog My_WsaSendMsg_L9_4455150_mid$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_WsaSendMsg_L9_4455150_mid jmp My_WsaSendMsg_L8_44503A8 ...  "
labelset My_WsaSendMsg_L9_4455150_mid$, "My_WsaSendMsg_L9_4455150_mid"






//
//  My_Call_GetQrcode_L5_JMP_L8_289053
//


My_Call_GetQrcode_L5_JMP_L8_289053_Start$ = mod.main()+289053
bp My_Call_GetQrcode_L5_JMP_L8_289053_Start$, "My_Call_GetQrcode_L5_JMP_L8_289053_Start"
bpcnd My_Call_GetQrcode_L5_JMP_L8_289053_Start$ , "0"
bplogcondition My_Call_GetQrcode_L5_JMP_L8_289053_Start$, "1"
bplog My_Call_GetQrcode_L5_JMP_L8_289053_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_Call_GetQrcode_L5_JMP_L8_289053 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_Call_GetQrcode_L5_JMP_L8_289053_Start$, "My_Call_GetQrcode_L5_JMP_L8_289053_Start"


// 中间的 jmp [eax+8]
My_Call_GetQrcode_L5_JMP_L8_289053_mid1$ = mod.main()+289069
bp My_Call_GetQrcode_L5_JMP_L8_289053_mid1$, "My_Call_GetQrcode_L5_JMP_L8_289053_mid1"
bpcnd My_Call_GetQrcode_L5_JMP_L8_289053_mid1$ , "0"
bplogcondition My_Call_GetQrcode_L5_JMP_L8_289053_mid1$, "1"
bplog My_Call_GetQrcode_L5_JMP_L8_289053_mid1$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_Call_GetQrcode_L5_JMP_L8_289053_mid1 jmp [eax+8]_RVA={mod.rva([eax+8])} , targetAddr=My_WsaSendMsg_L9_4455150 "





//
// My_GetQrcodeReq_L6_2B72D0
//


My_GetQrcodeReq_L6_2B72D0_Start$ = mod.main()+2B72D0
bp My_GetQrcodeReq_L6_2B72D0_Start$, "My_GetQrcodeReq_L6_2B72D0_Start"
bpcnd My_GetQrcodeReq_L6_2B72D0_Start$ , "0"
bplogcondition My_GetQrcodeReq_L6_2B72D0_Start$, "1"
bplog My_GetQrcodeReq_L6_2B72D0_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L6_2B72D0 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_GetQrcodeReq_L6_2B72D0_Start$, "My_GetQrcodeReq_L6_2B72D0_Start"


// 为了记录 My_Call_GetQrcode_L5_JMP_L8 的返回位置，因为如果不是目标流程，就看不到L5的返回日志了
My_GetQrcodeReq_L5_2B7326_reted$ = mod.main()+2B7326
bp My_GetQrcodeReq_L5_2B7326_reted$, "My_Call_GetQrcode_L5_JMP_L8_reted"
bpcnd My_GetQrcodeReq_L5_2B7326_reted$ , "0"
bplogcondition My_GetQrcodeReq_L5_2B7326_reted$, "1"
bplog My_GetQrcodeReq_L5_2B7326_reted$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_Call_GetQrcode_L5_JMP_L8_289053 returned "



My_GetQrcodeReq_L6_2B72D0_End$ = mod.main()+2B7340
bp My_GetQrcodeReq_L6_2B72D0_End$, "My_GetQrcodeReq_L6_2B72D0_End"
bpcnd My_GetQrcodeReq_L6_2B72D0_End$ , "0"
bplogcondition My_GetQrcodeReq_L6_2B72D0_End$, "1"
bplog My_GetQrcodeReq_L6_2B72D0_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L6_2B72D0 End ...  "
labelset My_GetQrcodeReq_L6_2B72D0_End$, "My_GetQrcodeReq_L6_2B72D0_End"




//
// My_GetQrcodeReq_L7_2B675F
//

My_GetQrcodeReq_L7_2B675F_Start$ = mod.main()+2B675F
bp My_GetQrcodeReq_L7_2B675F_Start$, "My_GetQrcodeReq_L7_2B675F_Start"
bpcnd My_GetQrcodeReq_L7_2B675F_Start$ , "0"
bplogcondition My_GetQrcodeReq_L7_2B675F_Start$, "1"
bplog My_GetQrcodeReq_L7_2B675F_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L7_2B675F Start ...  callAddrRva={mod.rva([esp])}"
labelset My_GetQrcodeReq_L7_2B675F_Start$ , "My_GetQrcodeReq_L7_2B675F_Start"


// 中间的call [edi+18]
My_GetQrcodeReq_L7_2B675F_mid1$ = mod.main()+2B6899
bp My_GetQrcodeReq_L7_2B675F_mid1$, "My_GetQrcodeReq_L7_2B675F_mid1"
bpcnd My_GetQrcodeReq_L7_2B675F_mid1$ , "0"
bplogcondition My_GetQrcodeReq_L7_2B675F_mid1$, "1"
bplog My_GetQrcodeReq_L7_2B675F_mid1$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L7_2B675F mid call [edi+18]_RVA={mod.rva([edi+18])} , targetAddr=My_GetQrcodeReq_L6_2B72D0 "


My_GetQrcodeReq_L7_2B675F_End$ = mod.main()+2B695A
bp My_GetQrcodeReq_L7_2B675F_End$, "My_GetQrcodeReq_L7_2B675F_End"
bpcnd My_GetQrcodeReq_L7_2B675F_End$ , "0"
bplogcondition My_GetQrcodeReq_L7_2B675F_End$, "1"
bplog My_GetQrcodeReq_L7_2B675F_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L7_2B675F End ...  "
labelset My_GetQrcodeReq_L7_2B675F_End$ , "My_GetQrcodeReq_L7_2B675F_End"





//
// My_GetQrcodeReq_L8_2B665C
//


My_GetQrcodeReq_L8_2B665C_Start$ = mod.main()+2B665C
bp My_GetQrcodeReq_L8_2B665C_Start$, "My_GetQrcodeReq_L8_2B665C_Start"
bpcnd My_GetQrcodeReq_L8_2B665C_Start$ , "0"
bplogcondition My_GetQrcodeReq_L8_2B665C_Start$, "1"
bplog My_GetQrcodeReq_L8_2B665C_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L8_2B665C Start ...  callAddrRva={mod.rva([esp])}"
labelset My_GetQrcodeReq_L8_2B665C_Start$, "My_GetQrcodeReq_L8_2B665C_Start"


My_GetQrcodeReq_L8_2B665C_End$ = mod.main()+2B66EC
bp My_GetQrcodeReq_L8_2B665C_End$, "My_GetQrcodeReq_L8_2B665C_End"
bpcnd My_GetQrcodeReq_L8_2B665C_End$ , "0"
bplogcondition My_GetQrcodeReq_L8_2B665C_End$, "1"
bplog My_GetQrcodeReq_L8_2B665C_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_GetQrcodeReq_L8_2B665C End ...  "
labelset My_GetQrcodeReq_L8_2B665C_End$, "My_GetQrcodeReq_L8_2B665C_End"







/////////////////////
//// 主线程的断点 ////
////////////////////





My_MsgToBrobufL6_17D7160_Start$ = mod.main()+17D7160
bp My_MsgToBrobufL6_17D7160_Start$, "My_MsgToBrobufL6_17D7160_Start"
bpcnd My_MsgToBrobufL6_17D7160_Start$ , "0"
SetBreakpointCommand My_MsgToBrobufL6_17D7160_Start$, "TargetAddr$=0"
//bplogcondition My_MsgToBrobufL6_17D7160_Start$, "1" "mod.rva([ecx+0x10])==17D7160"
bplogcondition My_MsgToBrobufL6_17D7160_Start$, "mod.rva([ecx+0x10])==26C6B40"
bplog My_MsgToBrobufL6_17D7160_Start$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL6_17D7160 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobufL6_17D7160_Start$ , "My_MsgToBrobufL6_17D7160_Start"


// 中间的call esi
My_MsgToBrobufL6_17D7160_mid1$ = mod.main()+17D7182
bp My_MsgToBrobufL6_17D7160_mid1$, "My_MsgToBrobufL6_17D7160_mid1"
bpcnd My_MsgToBrobufL6_17D7160_mid1$ , "0"
//bplogcondition My_MsgToBrobufL6_17D7160_mid1$, "1"
SetBreakpointCommand My_MsgToBrobufL6_17D7160_mid1$, "TargetAddr$=mod.rva(esi)"
bplogcondition My_MsgToBrobufL6_17D7160_mid1$, "mod.rva(esi)==26C6B40"
bplog My_MsgToBrobufL6_17D7160_mid1$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL6_17D7160 mid call esi_RVA={mod.rva(esi)} , targetAddr=My_MsgToBrobufL5_26C6B40 "


My_MsgToBrobufL6_17D7160_End$ = mod.main()+17D7187
bp My_MsgToBrobufL6_17D7160_End$, "My_MsgToBrobufL6_17D7160_End"
bpcnd My_MsgToBrobufL6_17D7160_End$ , "0"
//bplogcondition My_MsgToBrobufL6_17D7160_End$, "1"
bplogcondition My_MsgToBrobufL6_17D7160_End$, "TargetAddr$==26C6B40"
bplog My_MsgToBrobufL6_17D7160_End$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL6_17D7160 End ...  "
labelset My_MsgToBrobufL6_17D7160_End$ , "My_MsgToBrobufL6_17D7160_End"


//
//My_MsgToBrobufL5_26C6B40
//

My_MsgToBrobufL5_26C6B40_Start$ = mod.main()+26C6B40
bp My_MsgToBrobufL5_26C6B40_Start$, "My_MsgToBrobufL5_26C6B40_Start"
bpcnd My_MsgToBrobufL5_26C6B40_Start$ , "0"
bplogcondition My_MsgToBrobufL5_26C6B40_Start$, "1"
bplog My_MsgToBrobufL5_26C6B40_Start$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL5_26C6B40 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobufL5_26C6B40_Start$ , "My_MsgToBrobufL5_26C6B40_Start"


// 中间的call esi
My_MsgToBrobufL5_26C6B40_mid1$ = mod.main()+26C6BED
bp My_MsgToBrobufL5_26C6B40_mid1$, "My_MsgToBrobufL5_26C6B40_mid1"
bpcnd My_MsgToBrobufL5_26C6B40_mid1$ , "0"
bplogcondition My_MsgToBrobufL5_26C6B40_mid1$, "1"
bplog My_MsgToBrobufL5_26C6B40_mid1$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL5_26C6B40 mid call esi_RVA={mod.rva(esi)} , targetAddr=My_MsgToBrobufL4_271F24E "


My_MsgToBrobufL5_26C6B40_End$ = mod.main()+26C6BFA
bp My_MsgToBrobufL5_26C6B40_End$, "My_MsgToBrobufL5_26C6B40_End"
bpcnd My_MsgToBrobufL5_26C6B40_End$ , "0"
bplogcondition My_MsgToBrobufL5_26C6B40_End$, "1"
bplog My_MsgToBrobufL5_26C6B40_End$, "tid={tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL5_26C6B40 End ...  "
labelset My_MsgToBrobufL5_26C6B40_End$ , "My_MsgToBrobufL5_26C6B40_End"




//
//My_MsgToBrobufL4_271F24E
//

My_MsgToBrobufL4_271F24E_Start$ = mod.main()+271F24E
bp My_MsgToBrobufL4_271F24E_Start$, "My_MsgToBrobufL4_271F24E_Start"
bpcnd My_MsgToBrobufL4_271F24E_Start$ , "0"
bplogcondition My_MsgToBrobufL4_271F24E_Start$, "1"
bplog My_MsgToBrobufL4_271F24E_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL4_271F24E Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobufL4_271F24E_Start$, "My_MsgToBrobufL4_271F24E_Start"


My_MsgToBrobufL4_271F24E_End$ = mod.main()+271F6D8
bp My_MsgToBrobufL4_271F24E_End$, "My_MsgToBrobufL4_271F24E_End"
bpcnd My_MsgToBrobufL4_271F24E_End$ , "0"
bplogcondition My_MsgToBrobufL4_271F24E_End$, "1"
bplog My_MsgToBrobufL4_271F24E_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobufL4_271F24E End ...  "
labelset My_MsgToBrobufL4_271F24E_End$, "My_MsgToBrobufL4_271F24E_End"




My_MsgToBrobufL1_2768635_Start$ = mod.main()+2768635
bp My_MsgToBrobufL1_2768635_Start$, "My_MsgToBrobufL1_2768635_Start"
bpcnd My_MsgToBrobufL1_2768635_Start$ , "0"
bplogcondition My_MsgToBrobufL1_2768635_Start$, "1"
bplog My_MsgToBrobufL1_2768635_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf0_L1_2768635 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobufL1_2768635_Start$, "My_MsgToBrobufL1_2768635_Start"


My_MsgToBrobufL1_2768635_End$ = mod.main()+2768778
bp My_MsgToBrobufL1_2768635_End$, "My_MsgToBrobufL1_2768635_End"
bpcnd My_MsgToBrobufL1_2768635_End$ , "0"
bplogcondition My_MsgToBrobufL1_2768635_End$, "1"
bplog My_MsgToBrobufL1_2768635_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf0_L1_2768635 End ...  "
labelset My_MsgToBrobufL1_2768635_End$, "My_MsgToBrobufL1_2768635_End"





//
// My_MsgToBrobuf1_L1_389A10D
//

My_MsgToBrobuf1_L1_389A10D_Start$ = mod.main()+389A10D
bp My_MsgToBrobuf1_L1_389A10D_Start$, "My_MsgToBrobuf1_L1_389A10D_Start"
bpcnd My_MsgToBrobuf1_L1_389A10D_Start$ , "0"
bplogcondition My_MsgToBrobuf1_L1_389A10D_Start$, "1"
bplog My_MsgToBrobuf1_L1_389A10D_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf1_L1_389A10D Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobuf1_L1_389A10D_Start$, "My_MsgToBrobuf1_L1_389A10D_Start"


My_MsgToBrobuf1_L1_389A10D_End$ = mod.main()+389A153
bp My_MsgToBrobuf1_L1_389A10D_End$, "My_MsgToBrobuf1_L1_389A10D_End"
bpcnd My_MsgToBrobuf1_L1_389A10D_End$ , "0"
bplogcondition My_MsgToBrobuf1_L1_389A10D_End$, "1"
bplog My_MsgToBrobuf1_L1_389A10D_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf1_L1_389A10D End ...  "
labelset My_MsgToBrobuf1_L1_389A10D_End$, "My_MsgToBrobuf1_L1_389A10D_End"





//
// My_MsgToBrobuf2_L1_3897ADB
//

My_MsgToBrobuf2_L1_3897ADB_Start$ = mod.main()+3897ADB
bp My_MsgToBrobuf2_L1_3897ADB_Start$, "My_MsgToBrobuf2_L1_3897ADB_Start"
bpcnd My_MsgToBrobuf2_L1_3897ADB_Start$ , "0"
bplogcondition My_MsgToBrobuf2_L1_3897ADB_Start$, "1"
bplog My_MsgToBrobuf2_L1_3897ADB_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf2_L1_3897ADB Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobuf2_L1_3897ADB_Start$, "My_MsgToBrobuf2_L1_3897ADB_Start"


My_MsgToBrobuf2_L1_3897ADB_End$ = mod.main()+3897BE5
bp My_MsgToBrobuf2_L1_3897ADB_End$, "My_MsgToBrobuf2_L1_3897ADB_End"
bpcnd My_MsgToBrobuf2_L1_3897ADB_End$ , "0"
bplogcondition My_MsgToBrobuf2_L1_3897ADB_End$, "1"
bplog My_MsgToBrobuf2_L1_3897ADB_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf2_L1_3897ADB End ...  "
labelset My_MsgToBrobuf2_L1_3897ADB_End$, "My_MsgToBrobuf2_L1_3897ADB_End"






//
// My_MsgToBrobuf3_L1_29DEA1
//

My_MsgToBrobuf3_L1_29DEA1_Start$ = mod.main()+29DEA1
bp My_MsgToBrobuf3_L1_29DEA1_Start$, "My_MsgToBrobuf3_L1_29DEA1_Start"
bpcnd My_MsgToBrobuf3_L1_29DEA1_Start$ , "0"
bplogcondition My_MsgToBrobuf3_L1_29DEA1_Start$, "1"
bplog My_MsgToBrobuf3_L1_29DEA1_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf3_L1_29DEA1 Start ...  callAddrRva={mod.rva([esp])}"
labelset My_MsgToBrobuf3_L1_29DEA1_Start$, "My_MsgToBrobuf3_L1_29DEA1_Start"


My_MsgToBrobuf3_L1_29DEA1_End$ = mod.main()+29DF85
bp My_MsgToBrobuf3_L1_29DEA1_End$, "My_MsgToBrobuf3_L1_29DEA1_End"
bpcnd My_MsgToBrobuf3_L1_29DEA1_End$ , "0"
bplogcondition My_MsgToBrobuf3_L1_29DEA1_End$, "1"
bplog My_MsgToBrobuf3_L1_29DEA1_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: My_MsgToBrobuf3_L1_29DEA1 End ...  "
labelset My_MsgToBrobuf3_L1_29DEA1_End$, "My_MsgToBrobuf3_L1_29DEA1_End"





//
// Tgt_SendMsg
//

Tgt_SendMsg_Start$ = mod.main()+424CCB2
bp Tgt_SendMsg_Start$, "Tgt_SendMsg_Start"
bpcnd Tgt_SendMsg_Start$ , "0"
bplogcondition Tgt_SendMsg_Start$, "1"
bplog Tgt_SendMsg_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: Tgt_SendMsg Start ...  callAddrRva={mod.rva([esp])}"
labelset Tgt_SendMsg_Start$, "Tgt_SendMsg_Start"


Tgt_SendMsg_End$ = mod.main()+0424CFFC
bp Tgt_SendMsg_End$, "Tgt_SendMsg_End"
bpcnd Tgt_SendMsg_End$ , "0"
bplogcondition Tgt_SendMsg_End$, "1"
bplog Tgt_SendMsg_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: Tgt_SendMsg End ...  "
labelset Tgt_SendMsg_End$, "Tgt_SendMsg_End"






//
// WSASend
//

WSASend_Start$ = ws2_32.WSASend
bp WSASend_Start$, "WSASend_Start"
bpcnd WSASend_Start$ , "0"
bplogcondition WSASend_Start$, "1"
bplog WSASend_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: WSASend Start ... socket={arg.get(0)}, pBufs={arg.get(1)}, dwBufCnt={arg.get(2)}, lpOvlpd={arg.get(3)}, pRoutine={arg.get(4)} callAddrRva={mod.rva([esp])}"

bpd WSASend_Start$ 




//
// GetQueuedCompletionStatus
//

GetQueued_Start$ = KernelBase.GetQueuedCompletionStatus
bp GetQueued_Start$, "GetQueuedCompletionStatus Start"
bpcnd GetQueued_Start$ , "0"
bplogcondition GetQueued_Start$, "1"
bplog GetQueued_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}:  GetQueued start ... CmpPort={[esp+4]}，pNum={[esp+8]}，lpKey={[esp+c]}，lpOlpd={[esp+10]}，dwMilliseconds={[esp+14]}，callAddrRva={mod.rva([esp])}"
bpd GetQueued_Start$ 


// 左侧笔记本
// GetQueued_End$ = KernelBase+14473D
// 右侧台式机
GetQueued_End$ = KernelBase+14473D 
bp GetQueued_End$ , "GetQueuedCompletionStatus End"
bpcnd GetQueued_End$ , "0"
bplogcondition GetQueued_End$, "1"
bplog GetQueued_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: GetQueued End ... Prt={arg.get(0)}， *pNum={[arg.get(1)]}，*pKey={[arg.get(2)]}，*，pOvpd={[arg.get(3)]}，dwMs={arg.get(4)}，retVa={eax}, *strpOpd={ansi([arg.get(3)])}"
labelset GetQueued_End$ , "GetQueuedCompletionStatus End"





//
// GetQueuedCompletionStatus 143F90
//

PostQueued_Start$ = KernelBase.PostQueuedCompletionStatus
bp PostQueued_Start$, "PostQueuedCompletionStatus Start"
bpcnd PostQueued_Start$ , "0"
bplogcondition PostQueued_Start$, "1"
bplog PostQueued_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: PostQueued start ... Prt={arg.get(0)}，numTransfer={arg.get(1)}，dwCmpKey={arg.get(2)}，pOpd={arg.get(3)}，callRva={mod.rva([esp])}, strOpd={ansi(arg.get(3))}"


// 左侧笔记本
// PostQueuedCompletionStatus_End$ = KernelBase+143FB9 
// 右侧台式机
PostQueuedCompletionStatus_End$ = KernelBase+143FB9
bp PostQueuedCompletionStatus_End$, "PostQueuedCompletionStatus End"
bpcnd PostQueuedCompletionStatus_End$ , "0"
bplogcondition PostQueuedCompletionStatus_End$, "1"
bplog PostQueuedCompletionStatus_End$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: PostQueuedCompletionStatus End ... retValue={eax}"
labelset PostQueuedCompletionStatus_End$ , "PostQueuedCompletionStatus End"
bpd PostQueuedCompletionStatus_End$



//
// 发送Windows消息
//




//
// PostMessage
// 

PostMessageW_Start$ = user32.PostMessageW
bp PostMessageW_Start$, "PostMessageW Start"
bpcnd PostMessageW_Start$ , "0"
bplogcondition PostMessageW_Start$, "1"
bplog PostMessageW_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: PostMessageW start ... hwnd={arg.get(0)},msg={arg.get(1)}，wparm={arg.get(2)}，lparm={arg.get(3)}，callAddrRva={mod.rva([esp])}"


//
// PostThreadMessageW
// 

PostThreadMessageW_Start$ = user32.PostThreadMessageW
bp PostThreadMessageW_Start$, "PostThreadMessageW Start"
bpcnd PostThreadMessageW_Start$ , "0"
bplogcondition PostThreadMessageW_Start$, "1"
bplog PostThreadMessageW_Start$, "tid={u:tid()} time={GetTickCount()} RVA={mod.rva(eip)}: PostThreadMessageW start ... tid={arg.get(0)},msg={arg.get(1)}，wparm={arg.get(2)}，lparm={arg.get(3)}，callAddrRva={mod.rva([esp])}"

